CVE-2023-42506

Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://jvn.jp/en/vu/JVNVU98392064/	Third Party Advisory
https://www.electronics.jtekt.co.jp/en/topics/202310175488/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jtekt:onsinview2:*:*:*:*:*:*:*:*

History

24 Oct 2023, 23:50

Type	Values Removed	Values Added
CPE		cpe:2.3:a:jtekt:onsinview2::::::::
First Time		Jtekt Jtekt onsinview2
References	~~(MISC) https://www.electronics.jtekt.co.jp/en/topics/202310175488/ -~~	(MISC) https://www.electronics.jtekt.co.jp/en/topics/202310175488/ - Vendor Advisory
References	~~(MISC) https://jvn.jp/en/vu/JVNVU98392064/ -~~	(MISC) https://jvn.jp/en/vu/JVNVU98392064/ - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-119

17 Oct 2023, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-17 23:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-42506

Mitre link : CVE-2023-42506

CVE.ORG link : CVE-2023-42506

JSON object : View

Products Affected

jtekt

onsinview2

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.8 /10